The following relates generally to methods, apparatus and articles of manufacture therefor, for securely exchanging a message between two parties.
Generally in various online e-commerce applications, cryptography offers solutions for enabling secure communications between web servers and web clients. However, such cryptographic solutions require the assistance of a computer to operate. Consequently, individuals who are unwilling or unable to use a computer do not have access to this form of secure communication.
In addition, in online applications, such as gaming or account creation, online tests are increasingly used for discerning a human operator versus an automated operator (otherwise known as a “bot” or automated player agent). Such tests are known in the art as CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart) tests, which may be defeated in one form through relay attacks in which automated agents direct digital CAPTCHA tests that require human evaluation to a user that is human to solve the test. More background on the use of CAPTCHA tests and their limitations is disclosed by Philippe Golle and Nicolas Ducheneaut, in “Preventing Bots from Playing Online Games”, published in the ACM Computers in Entertainment, Vol. 3, July 2005, which is incorporated herein by reference.
Accordingly, there continues to be a need for alternate solutions for both problems (i.e., cryptographic solutions for individuals with no online access and test for discerning human versus automated operators in an online environment). Such alternate solutions would advantageously provide a mechanism for allowing two parties communicating using either an off-line or an on-line environment to share a secret message, whether that message is for the purpose of delivering a personal identification number or providing proof of the existence of a human in an online-environment.
In accordance with the various embodiments disclosed herein, an exclusive or (XOR) encoded document is disclosed that is produced with hidden messages embedded on both sides of the document. A property of the XOR encoded document is that a message in an area on one side of the document cannot be revealed without rendering the message in that mirror area on the other side illegible. That is, the process of unmasking one message renders the other illegible. In one application, the XOR encoded document encodes a PIN (personal identification number) that is shared between a financial institution and its customer.
In accordance with the various embodiments disclosed herein, there is provided a method and article of manufacture therefor, that includes: a transparent base layer with a first side and a second side; a first encoding layer bonded to the first side of the transparent base layer; and a second encoding layer bonded to the second side of the transparent base layer in a location opposite (or mirror to) the first encoding layer; wherein the transparent base layer and its bonded first and second encoding layers define an XOR message area in which: (a) the first encoding layer encodes a first message visible only from the second side of the transparent base layer and the second encoding layer encodes a second message visible only from the first side of the transparent base layer; (b) one of the first and the second encoded messages is revealed when one of the first and second encoding layers is removed from the transparent base layer; and (c) the other of the first and second encoded messages is rendered illegible after the one of the first and second encoding layers is removed from the transparent base layer.
In accordance with one aspect of the various embodiments disclosed herein, each encoding layer is made up of: a transparent barrier layer bonded to the transparent base layer; a message layer bonded to the transparent barrier layer; and an opaque layer bonded to the message layer.